Re: [OpenSMTPD] master snapshot opensmtpd-201405202103 available

2014-06-06 Thread Gilles Chehade
Hi,

The problem was reproduced and understood today, it only affects the latest
snapshot and the fix will be committed in a minute by eric@

I'll regen snapshots tonight after a bit of code backporting



On Wed, May 21, 2014 at 10:28:09AM +0100, John Cox wrote:
 Hi
 
 User gilles has just rebuilt a master snapshot, available from:
 
 http://www.OpenSMTPD.org/archives/opensmtpd-201405202103.tar.gz
 
 Checksum:
 
   SHA256 (opensmtpd-201405202103.tar.gz) =
   39a4520515e36a3b44b4cbbd63211bddbc07db316d929c3b583b86f95e5558d1
 
 A summary of the content of this snapshot is available below.
 
 Please test and let us know if it breaks something!
 
 Better than the last one but something is still confused. It ran for a
 bit and then stopped (didn't crash just stopped doing stuff) having
 delivered a very empty message:
 
 $ cat '1400658290.911.yidhra.outer.uphall.net:2,S'
 Return-Path: e...@ebay.co.uk
 Delivered-To: j...@yidhra.outer.uphall.net
 Received: from azathoth.uphall.net (azathoth.uphall.net
 [46.235.226.138]);
 by yidhra.outer.uphall.net (OpenSMTPD) with ESMTPS id
 0893cac8;
 TLS version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384
 bits=256 verify=YES;
 for j...@yidhra.outer.uphall.net;
 Wed, 21 May 2014 08:44:50 +0100 (BST)
 $
 
 I'm unsure exactly how this message originated - I think it was a
 longer real message that has been flattened but I'm not sure.  I have
 logs from both azathoth (using sendmail) and yidhra (opensmtpd) but
 sendmail logs cause my head to hurt!  Logs attached
 
 If this snapshot doesn't work, please also test with a previous one,
 to help us spot where the issue is coming from. You can access all
 previous snapshots here:
 
 http://www.opensmtpd.org/archives/
 
 The OpenSMTPD team ;-)
 
 
 Summary of changes since last snapshot (opensmtpd-201405142324):
 ---
 
 - change filter definition syntax making it possible to pass arguments 
  to filter
 - fix the parse_attribute interface in table_ldap it was doing not 
  really smart
 - while at it, fix user authentication which was not fetching the 
  correct attribute
 - when dealing with an unknown lookup kind, do not succeed with random 
  crap in the result
 - add missing header needed by str* and mem* functions, from OpenBSD cvs 
  tree
 - code cleanup and fixes
 - per-listener filter
 - fix log strings
 - unset the wait flag when cancelling the timeout
 - fix a possible double-free in the mta when using pki in outgoing 
  connections
 - generic ssl API improvements while there, by reyk@
 - sync manpages changes from OpenBSD
 - %i - %d
 


 
 Log from yidhra - mildly redacted in message body from ebay to remove refs
 
 # smtpd -v -d
 debug: init ssl-tree
 info: loading pki information for yidhra.outer.uphall.net
 info: OpenSMTPD 201405202103 starting
 debug: bounce warning after 4h
 debug: using fs queue backend
 debug: using ramqueue scheduler backend
 debug: using ram stat backend
 info: startup [debug mode]
 debug: parent_send_config_ruleset: reloading
 filter: building simple chains...
 debug: init ssl-tree
 debug: parent_send_config: configuring pony process
 filter: building complex chains...
 info: loading pki keys for yidhra.outer.uphall.net
 debug: parent_send_config: configuring ca process
 filter: done building complex chains
 debug: init private ssl-tree
 debug: ca_engine_init: using RSAX engine support
 debug: smtp: listen on 127.0.0.1 port 25 flags 0x1 pki 
 yidhra.outer.uphall.net
 debug: smtp: listen on IPv6:fe80::1%lo0 port 25 flags 0x1 pki 
 yidhra.outer.uphall.net
 debug: smtp: listen on IPv6:::1 port 25 flags 0x1 pki 
 yidhra.outer.uphall.net
 debug: smtp: listen on IPv6:fe80::6a05:caff:fe08:e7b1%em2 port 25 flags 0x1 
 pki yidhra.outer.uphall.net
 debug: smtp: listen on 10.44.0.3 port 25 flags 0x1 pki 
 yidhra.outer.uphall.net
 debug: pony: rsae_init
 debug: pony: rsae_init
 debug: smtp: will accept at most 3503 clients
 debug: queue: done loading queue into scheduler
 debug: smtpd: scanning offline queue...
 debug: smtpd: offline scanning done
 debug: smtp: new client on listener: 0xef84a336000
 smtp-in: New session cd0f0efb1c7016a0 from host azathoth.uphall.net 
 [46.235.226.138]
 debug: lka: looking up pki yidhra.outer.uphall.net
 debug: session_start_ssl: switching to SSL
 debug: pony: rsae_priv_enc
 debug: pony: rsae_init
 debug: pony: rsae_init
 debug: pony: rsae_pub_dec
 debug: pony: rsae_bn_mod_exp
 debug: pony: rsae_init
 debug: pony: rsae_pub_dec
 debug: pony: rsae_bn_mod_exp
 debug: pony: rsae_pub_dec
 debug: pony: rsae_bn_mod_exp
 smtp-in: Started TLS on session cd0f0efb1c7016a0: version=TLSv1/SSLv3, 
 cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256
 smtp-in: Client certificate verification succeeded on session cd0f0efb1c7016a0
 debug: smtp: SIZE in MAIL FROM command
 debug: aliases_virtual_get: 

Re: can receive mail but can't send

2014-06-06 Thread Gilles Chehade
does your mail system work if you disable pf ?

first step is to determine if the issue comes from pf blocking something
or from smtpd not doing what you think it does


On Thu, Jun 05, 2014 at 01:00:55PM +0200, zoran wrote:
 This is my first mail server ever, i choose opensmtpd because its looks
 very simple but i guess i made it complicated, i manage to receive mail
 from gmail but i cant send the mail. I'm running opensmtpd with dovecot
 on openbsd 5.5 where is my dns server too...i'll include my smtpd.conf
 and pf.conf so i hope somebody will give me advice how to fix this
 problem for which i will be very thankful!
 
 pf.conf
 
  
 pass in on $ext_if inet proto udp to $ext_if port $udp_services rdr-to $comp2
 pass in log on $int_if inet proto udp from $int_if:network to $ext_if port $udp_services rdr-to $comp2
 match out log on $int_if proto udp from $int_if:network to $comp2 port $udp_services nat-to $int_if
 pass on $int_if inet proto udp to $comp2 port $udp_services
 
 
 match in on $ext_if proto tcp to $ext_if port $email rdr-to $emailserver
 pass proto tcp from any to $emailserver port $email
 pass proto tcp from $emailserver to any port $email
 
 pass in on $ext_if inet proto tcp to $ext_if port $email rdr-to $emailserver
 pass in log on $int_if inet proto tcp from $int_if:network to $ext_if port $email rdr-to $emailserver
 match out log on $int_if proto tcp from $int_if:network to $emailserver port $email nat-to $int_if
 pass on $int_if inet proto tcp to $emailserver port $email
 
 smtpd.conf
 
 pki mail.tcpudp.org certificate /etc/mail/certs/mail.tcpudp.org.crt
 pki mail.tcpudp.org key /etc/mail/certs/mail.tcpudp.org.key
 
 listen on lo0 port 10025 tag Filtered
 listen on lo0 port 10027 tag Signed
 
 listen on egress port 587 tls-require pki mail.tcpudp.org
 listen on egress port 25 tls pki mail.tcpudp.org
 
 table aliases db:/etc/mail/aliases.db
 table secrets db:/etc/mail/secrets.db
 table domains { tcpudp.org, *.tcpudp.org }
 accept from source X.X.X.10 for any relay
 accept from source X.X.X.11 for any relay
 
 #accept from any for domain tcpudp.org relay via smtp://127.0.0.1:10024
 #accept for any relay via smtp://127.0.0.1:10026
 accept tagged Filtered for any alias aliases deliver to maildir /home/Maildir
 accept from any for domain tcpudp.org deliver to maildir /home/Maildir
 accept from any for domain tcpudp.org relay via tls+auth://label@zo...@tcpudp.org:587 auth secrets
 accept from local for any relay
 
 
 
 # smtpd -dv -T smtp
 debug: init ssl-tree
 info: loading pki information for mail.tcpudp.org
 info: OpenSMTPD 5.4.2 starting
 debug: bounce warning after 4h
 debug: using fs queue backend
 debug: using ramqueue scheduler backend
 debug: using ram stat backend
 info: startup [debug mode]
 debug: parent_send_config_ruleset: reloading
 mfa: building simple chains...
 debug: parent_send_config_mfa: reloading
 mfa: building complex chains...
 debug: parent_send_config: configuring smtp
 mfa: done building complex chains
 mfa: done building default chain
 debug: smtp: listen on 192.168.0.11 port 25 flags 0x1 pki mail.tcpudp.org
 debug: mfa ready
 debug: smtp: listen on IPv6:fe80::226:18ff:fee7:790b%re0 port 25 flags
 0x1 pki mail.tcpudp.org
 debug: smtp: listen on 192.168.0.11 port 587 flags 0x21 pki
 mail.tcpudp.org
 debug: smtp: listen on IPv6:fe80::226:18ff:fee7:790b%re0 port 587 flags
 0x21 pki mail.tcpudp.org
 debug: smtp: listen on 127.0.0.1 port 10027 flags 0x0 pki 
 debug: smtp: listen on IPv6:fe80::1%lo0 port 10027 flags 0x0 pki 
 debug: smtp: listen on IPv6:::1 port 10027 flags 0x0 pki 
 debug: smtp: listen on 127.0.0.1 port 10025 flags 0x0 pki 
 debug: smtp: listen on IPv6:fe80::1%lo0 port 10025 flags 0x0 pki 
 debug: smtp: listen on IPv6:::1 port 10025 flags 0x0 pki 
 debug: smtp: will accept at most 497 clients
 debug: smtpd: scanning offline queue...
 debug: smtpd: offline scanning done
 debug: queue: done loading queue into scheduler
 debug: scheduler: evp:5eadde3e381a9df0 scheduled (mta)
 debug: mta: received evp:5eadde3e381a9df0 for r...@mail.tcpudp.org
 debug: mta: draining [relay:mail.tcpudp.org] refcount=1, ntask=1,
 nconnector=0, nconn=0
 debug: mta: querying MX for [relay:mail.tcpudp.org]...
 debug: mta: [relay:mail.tcpudp.org] waiting for MX
 debug: MXs for domain mail.tcpudp.org:
 77.105.40.98 preference 0
 debug: mta: ... got mx (0x7af6ec10, mail.tcpudp.org,
 [relay:mail.tcpudp.org])
 debug: mta: draining [relay:mail.tcpudp.org] refcount=1, ntask=1,
 nconnector=0, nconn=0
 debug: mta: querying source for [relay:mail.tcpudp.org]...
 debug: mta: ... got source for [relay:mail.tcpudp.org]: []
 debug: mta: new [connector:[]-[relay:mail.tcpudp.org],0x1]
 debug: mta: connecting with [connector:[]-[relay:mail.tcpudp.org],0x0]
 debug: mta-routing: searching new route for
 [connector:[]-[relay:mail.tcpudp.org],0x0]...
 debug: mta-routing: selecting 

[OpenSMTPD] master snapshot opensmtpd-201406061829 available

2014-06-06 Thread gilles
User gilles has just rebuilt a master snapshot, available from:

http://www.OpenSMTPD.org/archives/opensmtpd-201406061829.tar.gz

Checksum:

  SHA256 (opensmtpd-201406061829.tar.gz) =
  951a22703cc40ea0e480902a3a1f674d3c8e291947ecd819537a24af0390f30e

A summary of the content of this snapshot is available below.

Please test and let us know if it breaks something!

If this snapshot doesn't work, please also test with a previous one,
to help us spot where the issue is coming from. You can access all
previous snapshots here:

http://www.opensmtpd.org/archives/

The OpenSMTPD team ;-)


Summary of changes since last snapshot (opensmtpd-201405202103):
---

- fix a possible crash caused by an off by one in imsg iovec passing
- replace realloc() calls with a * b constructs with calls to reallocarray()
- remove log_imsg() in ca.c, as it's already called in imsg_dispatch()
- HELO/EHLO may be called multiple times in a row
- no need to fsync() every envelope, instead just sync the whole transaction
- memset getaddrinfo hints before using it to avoid garbage causing a 
getaddrinfo to fail [1]
- fix a missing counter reset when a transaction ends leading to message 
truncation
- fix a bug in the local enqueuer parsing causing possible malformed 
headers confusing some MUA
- do the loop checking on incoming mail, not outgoing mail, it's simpler, 
saner and more efficient
- fix imsg profiling
- add a counter on holdq structures and limit number of envelopes on hold
- limit number of envelopes to schedule in a single run

[1] contributed by Jason A. Donenfeld

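The changelog item "replace realloc() calls with a * b constructs with calls to reallocarray()" is about integer overflow in the size computation. The following is an added example, not code from the OpenSMTPD tree: `unchecked_bytes()` and `demo_reallocarray()` are hypothetical names, the wrapper is written here so the example runs where the libc has no `reallocarray()`, and the element count and size are constructed values.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Added illustration: unchecked_bytes() and demo_reallocarray() are
 * hypothetical names, not functions from the OpenSMTPD tree. */

/* If both operands are below 2^(half the bits of size_t), the product
 * cannot wrap, so the division is only paid for large operands. */
#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4))

/* Byte count the "a * b" pattern passes to realloc(): it is reduced
 * modulo SIZE_MAX + 1, so a huge element count can yield a tiny request. */
size_t unchecked_bytes(size_t nmemb, size_t size)
{
    return nmemb * size;
}

/* reallocarray()-style wrapper: fail with ENOMEM instead of wrapping. */
void *demo_reallocarray(void *ptr, size_t nmemb, size_t size)
{
    if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
        nmemb > 0 && SIZE_MAX / nmemb < size) {
        errno = ENOMEM;
        return NULL;
    }
    return realloc(ptr, nmemb * size);
}

int main(void)
{
    size_t size = 16;                    /* constructed element size */
    size_t nmemb = SIZE_MAX / size + 2;  /* constructed oversized count */

    printf("a * b asks realloc() for %zu bytes\n",
        unchecked_bytes(nmemb, size));

    void *p = demo_reallocarray(NULL, nmemb, size);
    printf("checked call: %s\n", p == NULL ? "refused (ENOMEM)" : "allocated");
    free(p);

    p = demo_reallocarray(NULL, 8, size); /* ordinary request still works */
    printf("8 elements: %s\n", p != NULL ? "allocated" : "failed");
    free(p);
    return 0;
}
```

With the unchecked multiplication the caller receives a valid 16-byte buffer while believing it holds `nmemb` elements, so every later indexed write lands out of bounds; the checked call returns NULL and leaves the original pointer untouched.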